Application Of Network Security Technology In Guizhou Local Tax Information System

The emergence of computer network has greatly changed the way of people's life,providing a variety of convenient and effective channels for people's work and study,making the data communication,resource sharing,distributed processing possible.It has the advantages of fast communication,wide dissemination of information and resource sharing.In view of the advantages of the computer network.At the same time,with the purpose of the enrichment to tax the people for the purpose,the Local Taxation Bureau in Guizhou Province developed a series of tax system,the realization of online tax,tax collection process specification and ensure tax stipulated in the law.However with the advent of the number of users increased,information leakage,information theft,tampering with data,delete data Tim and single points of failure etc.the problem of network security,traditional user name/password authentication methods,simple stateless HTTP connection mode,low fault tolerance and multiple system corresponding to the multiple user name/password log in mode,has been unable to meet the needs from Guizhou Province Local Taxation Bureau of safety and efficiency in the system.Based on this situation,to-ensure the information in the network transmission of confidentiality,security,integrity and non repudiation,Guizhou Province Local Taxation Bureau intends to develop and achieve uniform identity authentication,secure log in,encrypted transmission,and no single point of failure and the effective management of the user's tax information system.According to the security needs from Guizhou local taxation Bureau,this paper designs a set of practical solutions by using various network security technologies:(1)Using the network load balancing cluster technology to ensure that no single point of failure and load balance;(2)Adopt topology of the seven regional planning to ensure the security of the system;(3)The use of the technology of PKI/CA,built CA Certificate issued by institutions,a self signed Certificate Authority(CA)spontaneous,to achieve information transmission security,confidentiality,integrity and non repudiation.(4)Based on Active Directory(AD)of a Unified Identity Authentication,to achieve a unified certification of multiple application systems;(5)Using HTTPS encryption channel technology to achieve data encryption transmission,authentication.After the development of the system in Guizhou province to promote,and achieved considerable results.The use of cluster technology to achieve the high availability of Web application system.Secondly,the province's users to use personal certificates combined with user name/password landing system,to achieve a dual identity.At the same time,the website enables the HTTPS security protocol,and uses the Active Directory to manage the user flexibly,the security and the efficiency of the system has been further improved.